kismet: added new version of the kismet wireless network system

Signed-off-by: Sebastian Wendel <packages@sourceindex.de>

net/kismet/Makefile

@@ -0,0 +1,140 @@
+#
+# Copyright (C) 2006-2014 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=kismet
+PKG_VERSION:=2013-03-R1b
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://www.kismetwireless.net/code
+PKG_MD5SUM:=6cdcd78baf2e15edbe8a9de3c5493f02
+
+PKG_BUILD_DEPENDS:=libpcap libncurses libpcre
+
+include $(INCLUDE_DIR)/uclibc++.mk
+include $(INCLUDE_DIR)/package.mk
+
+define Package/kismet/Default
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=Kismet
+  MAINTAINER:=Sebastian Wendel <packages@sourceindex.de>
+  DEPENDS:= $(CXX_DEPENDS) +libnl
+  URL:=http://www.kismetwireless.net/
+  SUBMENU:=wireless
+endef
+
+define Package/kismet/Default/description
+ An 802.11 layer2 wireless network detector, sniffer, and intrusion
+ detection system.
+endef
+
+define Package/kismet-client/conffiles
+/etc/kismet/kismet.conf
+endef
+
+define Package/kismet-drone/conffiles
+/etc/kismet/kismet_drone.conf
+endef
+
+define Package/kismet-server/conffiles
+/etc/kismet/kismet.conf
+endef
+
+define Package/kismet-client
+$(call Package/kismet/Default)
+  TITLE+= client
+  DEPENDS+= +libncurses
+endef
+
+define Package/kismet-client/description
+$(call Package/kismet/Default/description)
+ This package contains the kismet text interface client.
+endef
+
+define Package/kismet-drone
+$(call Package/kismet/Default)
+  DEPENDS+= +libpcap +libpcre +libcap +wireless-tools 
+  TITLE+= drone
+endef
+
+define Package/kismet-drone/description
+$(call Package/kismet/Default/description)
+ This package contains the kismet remote sniffing.and monitoring drone.
+endef
+
+define Package/kismet-server
+$(call Package/kismet/Default)
+  DEPENDS+= +libpcap +libpcre +libcap +wireless-tools
+  TITLE+= server
+endef
+
+define Package/kismet-server/description
+$(call Package/kismet/Default/description)
+ This package contains the kismet server.
+endef
+
+CONFIGURE_ARGS += \
+	--sysconfdir=/etc/kismet \
+
+CONFIGURE_VARS += \
+	CXXFLAGS="$$$$CXXFLAGS -fno-rtti"  \
+	LIBS="-lm" \
+	CLIENTCLIBS="-lm"
+
+define Build/Compile
+	$(MAKE) -C $(PKG_BUILD_DIR) \
+		LD="$(TARGET_CXX)" \
+		all
+endef
+
+define Package/kismet/install
+	$(INSTALL_DIR) $(1)/usr/bin/
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/scripts/kismet $(1)/usr/bin/kismet
+endef
+
+define Package/kismet-client/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/kismet_client $(1)/usr/bin/
+
+	$(INSTALL_DIR) $(1)/etc/kismet/
+	$(INSTALL_CONF) ./files/kismet.conf $(1)/etc/kismet/
+endef
+
+define Package/kismet-drone/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/kismet_drone $(1)/usr/bin/
+
+	$(INSTALL_DIR) $(1)/etc/kismet/
+	$(INSTALL_CONF) ./files/kismet_drone.conf $(1)/etc/kismet/
+
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_CONF) ./files/kismet_drone.config $(1)/etc/config/kismet_drone
+
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/kismet_drone.init $(1)/etc/init.d/kismet_drone
+endef
+
+define Package/kismet-server/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/kismet_server $(1)/usr/bin/
+
+	$(INSTALL_DIR) $(1)/etc/kismet/
+	$(INSTALL_CONF) ./files/kismet.conf $(1)/etc/kismet/
+
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_CONF) ./files/kismet_server.config $(1)/etc/config/kismet_server
+
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/kismet_server.init $(1)/etc/init.d/kismet_server
+endef
+
+$(eval $(call BuildPackage,kismet-client))
+$(eval $(call BuildPackage,kismet-drone))
+$(eval $(call BuildPackage,kismet-server))

net/kismet/files/kismet.conf

@@ -0,0 +1,304 @@
+# Kismet config file
+# Most of the "static" configs have been moved to here -- the command line
+# config was getting way too crowded and cryptic.  We want functionality,
+# not continually reading --help!
+
+# Version of Kismet config
+version=2009-newcore
+
+# Name of server (Purely for organizational purposes)
+# If commented out, defaults to host name of system
+# servername=Kismet Server
+
+# Prefix of where we log (as used in the logtemplate later)
+logprefix=/tmp
+
+# Do we process the contents of data frames?  If this is enabled, data
+# frames will be truncated to the headers only immediately after frame type
+# detection.  This will disable IP detection, etc, however it is likely
+# safer (and definitely more polite) if monitoring networks you do not own.
+# hidedata=true
+
+# Do we allow plugins to be used?  This will load plugins from the system
+# and user plugin directiories when set to true (See the README for the default
+# plugin locations).
+allowplugins=false
+
+# See the README for full information on the new source format
+# ncsource=interface:options
+# for example:
+# ncsource=wifi0:type=madwifi
+# ncsource=wlan0:name=intel,hop=false,channel=11
+ncsource=wlan0
+
+# Comma-separated list of sources to enable.  This is only needed if you defined
+# multiple sources and only want to enable some of them.  By default, all defined
+# sources are enabled.
+# For example, if sources with name=prismsource and name=ciscosource are defined,
+# and you only want to enable those two:
+# enablesources=prismsource,ciscosource
+
+# Control which channels we like to spend more time on.  By default, the list
+# of channels is pulled from the driver automatically.  By setting preferred channels,
+# if they are present in the channel list, they'll be set with a timing delay so that
+# more time is spent on them.  Since 1, 6, 11 are the common default channels, it makes
+# sense to spend more time monitoring them.
+# For finer control, see further down in the config for the channellist= directives.
+preferredchannels=1,6,11
+
+# How many channels per second do we hop?  (1-10)
+channelvelocity=3
+
+# By setting the dwell time for channel hopping we override the channelvelocity
+# setting above and dwell on each channel for the given number of seconds.
+#channeldwell=10
+
+# Channels are defined as:
+# channellist=name:ch1,ch2,ch3
+# or
+# channellist=name:range-start-end-width-offset,ch,range,ch,...
+#
+# Channels may be a numeric channel or a frequency
+#
+# Channels may specify an additional wait period.  For common default channels,
+# an additional wait period can be useful.  Wait periods delay for that number 
+# of times per second - so a configuration hopping 10 times per second with a
+# channel of 6:3 would delay 3/10ths of a second on channel 6.
+#
+# Channel lists may have up to 256 channels and ranges (combined).  For power 
+# users scanning more than 256 channels with a single card, ranges must be used.
+#
+# Ranges are meant for "power users" who wish to define a very large number of
+# channels.  A range may specify channels or frequencies, and will automatically
+# sort themselves to cover channels in a non-overlapping fashion.  An example
+# range for the normal 802.11b/g spectrum would be:
+#
+# range-1-11-3-1
+#
+# which indicates starting at 1, ending at 11, a channel width of 3 channels,
+# incrementing by one.  A frequency based definition would be:
+#
+# range-2412-2462-22-5
+#
+# since 11g channels are 22 mhz wide and 5 mhz apart.
+#
+# Ranges have the flaw that they cannot be shared between sources in a non-overlapping
+# way, so multiple sources using the same range may hop in lockstep with each other
+# and duplicate the coverage.
+#
+# channellist=demo:1:3,6:3,11:3,range-5000-6000-20-10
+
+# Default channel lists
+# These channel lists MUST BE PRESENT for Kismet to work properly.  While it is
+# possible to change these, it is not recommended.  These are used when the supported
+# channel list can not be found for the source; to force using these instead of
+# the detected supported channels, override with channellist= in the source defintion
+#
+# IN GENERAL, if you think you want to modify these, what you REALLY want to do is
+# copy them and use channellist= in the packet source.
+channellist=IEEE80211b:1:3,6:3,11:3,2,7,3,8,4,9,5,10
+channellist=IEEE80211a:36,40,44,48,52,56,60,64,149,153,157,161,165
+channellist=IEEE80211ab:1:3,6:3,11:3,2,7,3,8,4,9,5,10,36,40,44,48,52,56,60,64,149,153,157,161,165
+
+# Client/server listen config
+listen=tcp://127.0.0.1:2501
+#listen=tcp://0.0.0.0:2501
+
+# People allowed to connect, comma seperated IP addresses or network/mask
+# blocks.  Netmasks can be expressed as dotted quad (/255.255.255.0) or as
+# numbers (/24)
+allowedhosts=127.0.0.1
+# Maximum number of concurrent GUI's
+maxclients=5
+# Maximum backlog before we start throwing out or killing clients.  The
+# bigger this number, the more memory and the more power it will use.
+maxbacklog=5000
+
+# Server + Drone config options.  To have a Kismet server export live packets
+# as if it were a drone, uncomment these.
+# dronelisten=tcp://127.0.0.1:3501
+# droneallowedhosts=127.0.0.1
+# dronemaxclients=5
+# droneringlen=65535
+
+# OUI file, expected format 00:11:22<tab>manufname
+# IEEE OUI file used to look up manufacturer info.  We default to the
+# wireshark one since most people have that.
+#ouifile=/usr/share/manuf
+
+# Do we have a GPS?
+gps=false
+# Do we use a locally serial attached GPS, or use a gpsd server, or
+# use a fixed virtual gps?
+# (Pick only one)
+gpstype=gpsd
+# Host:port that GPSD is running on.  This can be localhost OR remote!
+gpshost=localhost:2947
+
+
+# gpstype=serial
+# What serial device do we look for the GPS on?
+# gpsdevice=/dev/rfcomm0
+
+# gpstype=virtual
+# gpsposition=100,-50
+# gpsaltitude=1234
+
+# Do we lock the mode?  This overrides coordinates of lock "0", which will
+# generate some bad information until you get a GPS lock, but it will 
+# fix problems with GPS units with broken NMEA that report lock 0
+gpsmodelock=false
+# Do we try to reconnect if we lose our link to the GPS, or do we just
+# let it die and be disabled?
+gpsreconnect=true
+
+# Do we export packets over tun/tap virtual interfaces?
+tuntap_export=false
+# What virtual interface do we use
+tuntap_device=kistap0
+
+# Packet filtering options:
+# filter_tracker - Packets filtered from the tracker are not processed or
+#                  recorded in any way.
+# filter_export  - Controls what packets influence the exported CSV, network,
+#                  xml, gps, etc files.
+# All filtering options take arguments containing the type of address and
+# addresses to be filtered.  Valid address types are 'ANY', 'BSSID',
+# 'SOURCE', and 'DEST'.  Filtering can be inverted by the use of '!' before
+# the address.  For example,
+# filter_tracker=ANY(!"00:00:DE:AD:BE:EF")
+# has the same effect as the previous mac_filter config file option.
+# filter_tracker=...
+# filter_dump=...
+# filter_export=...
+# filter_netclient=...
+
+# Alerts to be reported and the throttling rates.
+# alert=name,throttle/unit,burst
+# The throttle/unit describes the number of alerts of this type that are
+# sent per time unit.  Valid time units are second, minute, hour, and day.
+# Burst describes the number of alerts sent before throttling takes place.
+# For example:
+# alert=FOO,10/min,5
+# Would allow 5 alerts through before throttling is enabled, and will then
+# limit the number of alerts to 10 per minute.
+# A throttle rate of 0 disables throttling of the alert.
+# See the README for a list of alert types.
+alert=ADHOCCONFLICT,5/min,1/sec
+alert=AIRJACKSSID,5/min,1/sec
+alert=APSPOOF,10/min,1/sec
+alert=BCASTDISCON,5/min,2/sec
+alert=BSSTIMESTAMP,5/min,1/sec
+alert=CHANCHANGE,5/min,1/sec
+alert=CRYPTODROP,5/min,1/sec
+alert=DISASSOCTRAFFIC,10/min,1/sec
+alert=DEAUTHFLOOD,5/min,2/sec
+alert=DEAUTHCODEINVALID,5/min,1/sec
+alert=DISCONCODEINVALID,5/min,1/sec
+alert=DHCPNAMECHANGE,5/min,1/sec
+alert=DHCPOSCHANGE,5/min,1/sec
+alert=DHCPCLIENTID,5/min,1/sec
+alert=DHCPCONFLICT,10/min,1/sec
+alert=NETSTUMBLER,5/min,1/sec
+alert=LUCENTTEST,5/min,1/sec
+alert=LONGSSID,5/min,1/sec
+alert=MSFBCOMSSID,5/min,1/sec
+alert=MSFDLINKRATE,5/min,1/sec
+alert=MSFNETGEARBEACON,5/min,1/sec
+alert=NULLPROBERESP,5/min,1/sec
+alert=PROBENOJOIN,5/min,1/sec
+
+# Controls behavior of the APSPOOF alert.  SSID may be a literal match (ssid=) or
+# a regex (ssidregex=) if PCRE was available when kismet was built.  The allowed 
+# MAC list must be comma-separated and enclosed in quotes if there are multiple 
+# MAC addresses allowed.  MAC address masks are allowed.
+#apspoof=Foo1:ssidregex="(?i:foobar)",validmacs=00:11:22:33:44:55
+#apspoof=Foo2:ssid="Foobar",validmacs="00:11:22:33:44:55,aa:bb:cc:dd:ee:ff"
+
+# Known WEP keys to decrypt, bssid,hexkey.  This is only for networks where
+# the keys are already known, and it may impact throughput on slower hardware.
+# Multiple wepkey lines may be used for multiple BSSIDs.
+# wepkey=00:DE:AD:C0:DE:00,FEEDFACEDEADBEEF01020304050607080900
+
+# Is transmission of the keys to the client allowed?  This may be a security
+# risk for some.  If you disable this, you will not be able to query keys from
+# a client.
+allowkeytransmit=true
+
+# How often (in seconds) do we write all our data files (0 to disable)
+writeinterval=10
+
+# Do we use sound?
+# Not to be confused with GUI sound parameter, this controls wether or not the
+# server itself will play sound.  Primarily for headless or automated systems.
+enablesound=false
+# Path to sound player
+soundbin=play
+
+sound=newnet,true
+sound=newcryptnet,true
+sound=packet,true
+sound=gpslock,true
+sound=gpslost,true
+sound=alert,true
+
+# Does the server have speech? (Again, not to be confused with the GUI's speech)
+enablespeech=false
+# Binary used for speech (if not in path, full path must be specified)
+speechbin=flite
+# Specify raw or festival; Flite (and anything else that doesn't need formatting
+# around the string to speak) is 'raw', festival requires the string be wrapped in
+# SayText("...")
+speechtype=raw
+
+# How do we speak?  Valid options:
+# speech    Normal speech
+# nato      NATO spellings (alpha, bravo, charlie)
+# spell     Spell the letters out (aye, bee, sea)
+speechencoding=nato
+
+speech=new,"New network detected s.s.i.d. %1 channel %2"
+speech=alert,"Alert %1"
+speech=gpslost,"G.P.S. signal lost"
+speech=gpslock,"G.P.S. signal O.K."
+
+# How many alerts do we backlog for new clients?  Only change this if you have
+# a -very- low memory system and need those extra bytes, or if you have a high
+# memory system and a huge number of alert conditions.
+alertbacklog=50
+
+# File types to log, comma seperated.  Built-in log file types:
+# alert				Text file of alerts
+# gpsxml			XML per-packet GPS log
+# nettxt			Networks in text format
+# netxml			Networks in XML format
+# pcapdump			tcpdump/wireshark compatible pcap log file
+# string			All strings seen (increases CPU load)
+logtypes=pcapdump,gpsxml,netxml,alert
+
+# Format of the pcap dump (PPI or 80211)
+pcapdumpformat=ppi
+# pcapdumpformat=80211
+
+# Default log title
+logdefault=Kismet
+
+# logtemplate - Filename logging template.
+# This is, at first glance, really nasty and ugly, but you'll hardly ever
+# have to touch it so don't complain too much.
+#
+# %p is replaced by the logging prefix + '/'
+# %n is replaced by the logging instance name
+# %d is replaced by the starting date as Mon-DD-YYYY
+# %D is replaced by the current date as YYYYMMDD
+# %t is replaced by the starting time as HH-MM-SS
+# %i is replaced by the increment log in the case of multiple logs
+# %l is replaced by the log type (pcapdump, strings, etc)
+# %h is replaced by the home directory
+
+logtemplate=%p%n-%D-%t-%i.%l
+
+# Where state info, etc, is stored.  You shouldnt ever need to change this.
+# This is a directory.
+configdir=%h/.kismet/
+

net/kismet/files/kismet_drone.conf

@@ -0,0 +1,69 @@
+# Kismet drone config file
+
+version=newcore.1
+
+# Name of drone server (informational)
+servername=Kismet-Drone
+
+# Drone configuration
+# Protocol, interface, and port to listen on
+dronelisten=tcp://127.0.0.1:2502
+# Hosts allowed to connect, comma separated.  May include netmasks.
+# allowedhosts=127.0.0.1,10.10.10.0/255.255.255.0
+droneallowedhosts=127.0.0.1
+# Maximum number of drone clients
+dronemaxclients=10
+droneringlen=65535
+
+# Do we have a GPS?
+gps=true
+# Do we use a locally serial attached GPS, or use a gpsd server?
+# (Pick only one)
+gpstype=gpsd
+# gpstype=serial
+# What serial device do we look for the GPS on?
+gpsdevice=/dev/rfcomm0
+# Host:port that GPSD is running on.  This can be localhost OR remote!
+gpshost=localhost:2947
+# Do we lock the mode?  This overrides coordinates of lock "0", which will
+# generate some bad information until you get a GPS lock, but it will 
+# fix problems with GPS units with broken NMEA that report lock 0
+gpsmodelock=false
+# Do we try to reconnect if we lose our link to the GPS, or do we just
+# let it die and be disabled?
+gpsreconnect=true
+
+# See the README for full information on the new source format
+# ncsource=interface:options
+ncsource=null
+# for example:
+# ncsource=wlan0
+# ncsource=wifi0:type=madwifi
+# ncsource=wlan0:name=intel,hop=false,channel=11
+
+# Special per-source options
+# sourceopts=[sourcename|*]:opt1,opt2
+# sourceopts=*:fuzzycrypt,weakvalidate
+
+# Comma-separated list of sources to enable, if you don't want to enable all
+# the sources you defined.
+# enablesource=source1,source2
+
+# How many channels per second do we hop?  (1-10)
+channelvelocity=5
+
+# By setting the dwell time for channel hopping we override the channelvelocity
+# setting above and dwell on each channel for the given number of seconds.
+#channeldwell=10
+
+# Users outside the US might want to use this list:
+# channellist=IEEE80211b:1,7,13,2,8,3,14,9,4,10,5,11,6,12
+channellist=IEEE80211b:1:3,6:3,11:3,2,7,3,8,4,9,5,10
+
+# US IEEE 80211a
+channellist=IEEE80211a:36,40,44,48,52,56,60,64,149,153,157,161,165
+
+# Combo
+channellist=IEEE80211ab:1:3,6:3,11:3,2,7,3,8,4,9,5,10,36,40,44,48,52,56,60,64,149,153,157,161,165
+
+

net/kismet/files/kismet_drone.config

@@ -0,0 +1,2 @@
+config kismet_drone
+    option enabled 0

net/kismet/files/kismet_drone.init

@@ -0,0 +1,26 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2013-2014 OpenWrt.org
+
+START=99
+STOP=99
+
+USE_PROCD=1
+PROG=/usr/bin/kismet_drone
+NAME=kismet_drone
+
+kismet_drone_instance() {
+        procd_open_instance
+        procd_set_param command "${PROG}"
+        procd_append_param command -f /etc/kismet/kismet_drone.conf -s
+        procd_set_param respawn
+        procd_close_instance
+}
+
+start_service() {
+        config_load "${NAME}"
+        config_foreach kismet_drone_instance
+}
+
+stop_service() {
+        service_stop "${PROG}"
+}

net/kismet/files/kismet_server.config

@@ -0,0 +1,2 @@
+config kismet_server
+    option enabled 0

net/kismet/files/kismet_server.init

@@ -0,0 +1,26 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2013-2014 OpenWrt.org
+
+START=99
+STOP=99
+
+USE_PROCD=1
+PROG=/usr/bin/kismet_server
+NAME=kismet_server
+
+kismet_server_instance() {
+        procd_open_instance
+        procd_set_param command "${PROG}"
+        procd_append_param command -f /etc/kismet/kismet.conf -s
+        procd_set_param respawn
+        procd_close_instance
+}
+
+start_service() {
+        config_load "${NAME}"
+        config_foreach kismet_server_instance
+}
+
+stop_service() {
+        service_stop "${PROG}"
+}

net/kismet/patches/010-dont-add-host-include-paths.patch

@@ -0,0 +1,14 @@
+diff --git a/configure b/configure
+index 6936a47..9a85269 100755
+--- a/configure
++++ b/configure
+@@ -6980,9 +6980,6 @@ else
+ fi
+ 
+ 
+-# Add additional cflags since some distros bury panel.h
+-CPPFLAGS="$CPPFLAGS -I/usr/include/ncurses"
+-
+ termcontrol="none";
+ 
+ if test "$wantclient" = "yes"; then